func TestCreateDeveloperEmailExists(t *testing.T) {
	testServer(func(s *Server) {
		headers := make(map[string]string)
		k := fernet.MustDecodeKeys("YI1ZYdopn6usnQ/5gMAHg8+pNh6D0DdaJkytdoLWUj0=")
		tok, err := fernet.EncryptAndSign([]byte("mysharedtoken"), k[0])
		if err != nil {
			t.Fatalf("fernet encryption failed %v\n", err)
		}
		stok := base64.URLEncoding.EncodeToString(tok)
		headers["X-Access-Token"] = stok

		res, err := testHttpRequestWithHeaders("POST", "/api/v1/developers/", `{"name":"adnaan"}`, headers)
		if err != nil {
			t.Fatalf("email exists failed %v", err)

		} else {
			body, _ := ioutil.ReadAll(res.Body)

			if res.StatusCode != 500 {
				t.Fatalf("able to create developer: %v", string(body))

			}
		}

	})

}
Exemple #2
0
//Validate access token
func (s *Server) validateAccessLoginToken(token string) (string, bool) {

	btok, err := base64.URLEncoding.DecodeString(token)

	if err != nil {
		return "", false

	}
	k := fernet.MustDecodeKeys(s.config.Clients["browser"].Secret)
	email := fernet.VerifyAndDecrypt(btok, 60*time.Second, k)

	c := s.redisConn()
	defer c.Close()

	status, err := redis.String(c.Do("GET", email))
	if err != nil {
		return "", false
	}

	if status == "loggedin" {
		return string(email), true
	} else {
		return "", false
	}

}
Exemple #3
0
func Example() {
	k := fernet.MustDecodeKeys("cw_0x689RpI-jtRR7oE8h_eQsKImvJapLeSbXpwF4e4=")
	tok, err := fernet.EncryptAndSign([]byte("hello"), k[0])
	if err != nil {
		panic(err)
	}
	msg := fernet.VerifyAndDecrypt(tok, 60*time.Second, k)
	fmt.Println(string(msg))
	// Output:
	// hello
}
Exemple #4
0
//Validate access token
func (s *Server) validateSharedToken(token string) bool {

	btok, err := base64.URLEncoding.DecodeString(token)

	if err != nil {
		return false

	}
	k := fernet.MustDecodeKeys(s.config.Clients["browser"].Secret)
	shared_token := fernet.VerifyAndDecrypt(btok, 60*10*time.Second, k)
	if string(shared_token) == string(s.config.Clients["browser"].Token) {
		return true
	} else {
		return false
	}

}
Exemple #5
0
//Generate time based access token using shared secret. See fernet project
//for more details
func (s *Server) genAccessToken(email string) (string, error) {
	//encrypt token
	k := fernet.MustDecodeKeys(s.config.Clients["browser"].Secret)
	tok, err := fernet.EncryptAndSign([]byte(email), k[0])
	if err != nil {

	}
	token := base64.URLEncoding.EncodeToString(tok)

	//cache it
	c := s.redisConn()
	defer c.Close()

	c.Do("SET", email, "loggedin")

	return token, nil

}
func TestFernet(t *testing.T) {
	k := fernet.MustDecodeKeys("YI1ZYdopn6usnQ/5gMAHg8+pNh6D0DdaJkytdoLWUj0=")
	tok, err := fernet.EncryptAndSign([]byte("mysharedtoken"), k[0])
	if err != nil {
		t.Fatalf("fernet encryption failed %v\n", err)
	}
	stok := base64.URLEncoding.EncodeToString(tok)

	btok, err := base64.URLEncoding.DecodeString(stok)
	//fmt.Println(btok)

	if err != nil {
		t.Fatalf("fernet key decryption failed %v\n", err)
	}

	msg := fernet.VerifyAndDecrypt(btok, 60*time.Second, k)
	if string(msg) != "mysharedtoken" {
		t.Fatalf("verification failed!\n")
	}

}
func TestCreateDeveloperHeaderWithTimeOK(t *testing.T) {
	testServer(func(s *Server) {
		headers := make(map[string]string)
		k := fernet.MustDecodeKeys("YI1ZYdopn6usnQ/5gMAHg8+pNh6D0DdaJkytdoLWUj0=")
		tok, err := fernet.EncryptAndSign([]byte("mysharedtoken"), k[0])
		if err != nil {
			t.Fatalf("fernet encryption failed %v\n", err)
		}
		stok := base64.URLEncoding.EncodeToString(tok)
		headers["X-Access-Token"] = stok
		res, err := testHttpRequestWithHeaders("POST", "/api/v1/developers/", `{"name":"adnaan","email":"*****@*****.**","password":"******"}`, headers)
		if err != nil {
			t.Fatalf("Unable to create developer: %v", err)

		} else {

			body, _ := ioutil.ReadAll(res.Body)

			if res.StatusCode != 200 {
				t.Fatalf("unable to create developer: %v", string(body))
			}

			response := NewDeveloperResponse{}
			err := json.Unmarshal(body, &response)
			if err != nil {
				t.Fatalf("fail to parse body: %v", string(body))
			}

			access_token = response.AccessToken
			dev_id = response.ObjectId

		}

	})

}
Exemple #8
0
func init() {
	s := os.Getenv("SECRETS")
	if len(s) > 0 {
		keys = fernet.MustDecodeKeys(strings.Split(s, ":")...)
	}
}
Exemple #9
0
func init() {
	if len(conf.Secrets) > 0 {
		keys = fernet.MustDecodeKeys(conf.Secrets...)
	}
}
Exemple #10
0
func init() {
	if s := strings.Split(os.Getenv("SECRETS"), ":"); len(s) > 0 {
		keys = fernet.MustDecodeKeys(s...)
	}
}